Biography

I am a Security Researcher in the Application Security Operation Center of the Global Security Operations of Amadeus IT Group. My domains of interest and expertise are Network and Application Security.

Prior to this position, I was a Ph.D. researcher in Digital Security enrolled at the Sorbonne Université. I worked on my research project in the Digital Security Department of EURECOM and Amadeus IT Group, under the supervision of Prof. Marc Dacier (KAUST) and Dr. Olivier Thonnard (Amadeus IT Group). I officially defended my Ph.D. thesis, titled “Detecting and Mitigating the New Generation of Scraping Bots”, in November 2023. In the spring of 2022 and 2023, I was a visiting researcher at the Resilient Computing and Cybersecurity Center (RC3), Saudi Arabia.

My recent research has delved into Residential IP proxies, commonly employed for bot traffic. After an in-depth examination of this proxy ecosystem and the development of novel server-side methods for detecting such requests, our attention has shifted toward identifying the geolocation of malicious actors leveraging these services thanks to network measurements.

Additionally, we are investigating techniques to recognize instances where bots redirect CAPTCHAs to CAPTCHA Farms. These farms, both virtual and physical, involve individuals being paid to swiftly solve these tests and provide the corresponding answers to bots for timely submission. In this way, bots can mimic real users solving times for CAPTCHAs.

Finally, our exploration extends to leverage machine learning models and deceptive strategies to improve the identification and mitigation of bot traffic.

I am always more than happy to discuss our work, if you have any feedback please do not hesitate to contact me at elisa.chiapponi@amadeus.com :)

Outside of work, I am passionate about cooking, volunteering (Global Shapers Nice, Helping Hands), hiking, indoor and outdoor climbing. I also love traveling, listening to true-crime podcasts and dancing Balfolk.

Interests
  • Application Security
  • Network Measurements
  • Bot Detection and Mitigation
  • Residential IP Proxies
  • CAPTCHA Farms
  • Honeypots
Education
  • Ph.D. in Digital Security, 2023

    Sorbonné Université

  • Diplôme d'ingenieur (French MSc), Computer Engineering, Communication System Security Track, 2020

    Télécom Paris at EURECOM

  • MSc in Computer Engineering, Software Engineering Track, 2020

    Politecnico di Torino

  • BSc in Bioengineering, 2017

    Universitá degli studi di Pavia

  • Erasmus Semester, 2016

    Universidad Carlos III de Madrid

Experience

 
 
 
 
 
Security Researcher
September 2023 – Present France
 
 
 
 
 
Ph.D. Researcher
April 2020 – August 2023 France
 
 
 
 
 
Visiting Ph.D. Researcher
March 2023 – April 2023 Saudi Arabia
 
 
 
 
 
Visiting Ph.D. Researcher
February 2022 – March 2022 Saudi Arabia
 
 
 
 
 
Application SOC Intern
July 2019 – January 2020 France
 
 
 
 
 
Bachelor Thesist
February 2017 – July 2017 Italy

Grants and Awards

Microsoft Partners Women Role Model Jeune Talent 2024
Network Traffic Measurement and Analysis Conference (TMA) 2023 Best Poster Award
Scholarship for 18 months at EURECOM - TÉLÉCOM Paris
Scholarship for 5 months at Universidad Carlos III de Madrid

Recent Publications

Quickly discover relevant content by filtering publications.
(2023). Detecting and Mitigating the New Generation of Scraping Bots. In Ph.D. Dissertation, Sorbonné Université, Cryptography and Security.

PDF Cite

(2023). Poster: The Impact of the Client Environment on Residential IP Proxies Detection. In IMC 2023.

Cite DOI

(2023). Inside Residential IP Proxies: Lessons Learned from Large Measurement Campaigns. In WTMC 2023.

PDF Cite DOI

(2023). Towards Detecting and Geolocalizing Web Scrapers with Round Trip Time Measurements. In TMA 2023.

PDF Cite Poster DOI

(2022). BADPASS: Bots taking ADvantage of Proxy AS a Service. In ISPEC 2022.

PDF Cite DOI

Service and Supervision

PC Member:

  • IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) - Doctoral Forum [2023]

  • ACM Internet Measurement Conference (IMC) [2024]

Journal Reviewer:

Cosupervision - Current students:

  • Baijun Feng [MSc student, KAUST, with prof. Marc Dacier]

Coupervision - Former students: